server {
    listen       8080;
    server_name  ${OPEN_SEARCH_HOST_FOR_NGINX} localhost;

    add_header Content-Security-Policy "default-src 'none'; style-src 'self'; img-src 'self'";
    add_header X-Frame-Options "DENY" always;
    add_header X-Content-Type-Options "nosniff";

    root   /var/www/html;
    index  index.php;

    location / {
        try_files $uri $uri/ /index.php?$args;
    }

    location ~ \.php$ {
        fastcgi_pass   unix:/run/php-fpm83.sock;
        fastcgi_index  index.php;
        include        fastcgi.conf;
    }

    location ~ /\. {
        deny all;
    }
}
